kaleido-io / kaleido-iden3-samples

Sample code for using the iden3 protocol to issue verifiable claims
Apache License 2.0

claim revocations #32

Open jimthematrix opened 1 year ago

nedgar commented 1 year ago

Is the IPFS / off-chain format for revocations documented?

Chengxuan commented 1 year ago

@nedgar Is your question referring to the following section in the tutorial?

The place and the method to access the publicly available data are specified in the Identities State smart contract. Two possible initial options are:

* IPFS, by adding a link to an IPNS address (example: ipfs://ipns/QmSrPmbaUKA3ZodhzPWZnpFgcPMFWF4QsxXbkWfEptTBJd), which contains a standardized structure of the data.

* HTTPS, by adding a link to an HTTPS endpoint (example: https://kyc.iden3.io/api/v1/public-state/aabbccdd), which offers the data following a standardized API.

If so, I didn't find any examples of a standardized structure/API. @OBrezhniev are there any examples I've missed?

nedgar commented 1 year ago

Yes, that's the only reference to IPFS I've found. That CID doesn't resolve either. It would be good to have a concrete example of a revocation using IPFS for the revocations tree.

OBrezhniev commented 1 year ago

Hi @Chengxuan @nedgar @jimthematrix! We do not support resolving revocation trees from IPFS right now. We've done a PoC, but IPFS had slow data propagation and also high latency when fetching each individual Merkle tree node, to the point that fetching info from IPFS was many times slower than generating the ZKP.

nedgar commented 1 year ago

@OBrezhniev thanks for clarifying. So the revocation tree resolution will be web-based for now? It would still be helpful to have an example showing the format.

OBrezhniev commented 1 year ago

@nedgar 1) Web-based, in two flavors. As a user you can go:

* to the issuer and get a non-revocation proof. Example here: https://github.com/0xPolygonID/demo-issuer/blob/6baf0c89658b31d45cca92552f717fd390548f7b/issuer/service/http/server.go#L101

* to a reverse hash service (RHS), which the user would use to resolve Merkle tree nodes hash by hash down the path, until he receives nodes that he already has, or receives all the nodes on the Merkle tree path needed to generate a Merkle tree proof of the revocation nonce's non-inclusion in the revocation tree. It provides a higher level of privacy to the user. The RHS code is not yet published. Only a library that works with it is: https://github.com/iden3/merkletree-proof

2) and soon onchain, in a smart contract.

We need to improve documentation on revocations. Here's an example of the issuer's response for the claim that was revoked:

```json
{"issuer":{"state":"26a7231ad56a5d12e3d60059b88cbc1915ca05d324c7795a5590a19ce4632726","root_of_roots":"0e2e6f36931db4a180bea48d919d4cef20bc9dbf9f8b374ccef80b57cec5f600","claims_tree_root":"00897905f81169097074a46012f20660791c8254d2569b1ceed3e11e00492723","revocation_tree_root":"4fbdc4399f869d571020c97a7dbd69e960e57ab6a1799cdadc71652c112aff1f"},"mtp":{"existence":true,"siblings":["15563167635390035705038647883416190603865019737081285594794812424517092703985","4344866576104488127539547571147096706828793674559537907415868128272712592402","16397379150316825612038753339692984444923797652062666310655277476568126315469"]}}
```

Not revoked:

```json
{"issuer":{"state":"26a7231ad56a5d12e3d60059b88cbc1915ca05d324c7795a5590a19ce4632726","root_of_roots":"0e2e6f36931db4a180bea48d919d4cef20bc9dbf9f8b374ccef80b57cec5f600","claims_tree_root":"00897905f81169097074a46012f20660791c8254d2569b1ceed3e11e00492723","revocation_tree_root":"4fbdc4399f869d571020c97a7dbd69e960e57ab6a1799cdadc71652c112aff1f"},"mtp":{"existence":false,"siblings":["15563167635390035705038647883416190603865019737081285594794812424517092703985","4344866576104488127539547571147096706828793674559537907415868128272712592402","2591230202791531340837039893407837448749770552089719007127781675732578088001"],"node_aux":{"key":"2604870631","value":"0"}}}
```

One more non-revoked:

```json
{"issuer":{"state":"26a7231ad56a5d12e3d60059b88cbc1915ca05d324c7795a5590a19ce4632726","root_of_roots":"0e2e6f36931db4a180bea48d919d4cef20bc9dbf9f8b374ccef80b57cec5f600","claims_tree_root":"00897905f81169097074a46012f20660791c8254d2569b1ceed3e11e00492723","revocation_tree_root":"4fbdc4399f869d571020c97a7dbd69e960e57ab6a1799cdadc71652c112aff1f"},"mtp":{"existence":false,"siblings":["19298631360925848537942503197288852110009853617239974666488423228923347708345","19245066374282615501242078365466197293279571948659438782584907934900942645268","20191410245657623984394257454823146184518851665755279586109734372569010841611"]}}
```
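
The responses above carry a Merkle proof (`mtp`) against the issuer's revocation tree. As an added example (not code from this thread or from iden3), the Python below recomputes the root from `siblings` and `node_aux` before trusting the `existence` flag. Assumptions: SHA-256 stands in for Poseidon, the node layout (leaf = H(key, value, 1), path bits read from the nonce's lowest bit upward) is assumed from iden3's sparse Merkle tree, and the toy tree is constructed.

```python
import hashlib

# BN254 scalar field order; iden3 tree elements are integers below it.
FIELD = 21888242871839275222246405745257275088548364400416034343698204186575808495617

def h(*elems):
    # ASSUMPTION: SHA-256 stands in for Poseidon so the example runs offline.
    data = b"".join(e.to_bytes(32, "big") for e in elems)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % FIELD

def leaf(key, value=0):
    # ASSUMPTION: leaf = H(key, value, 1), value 0 for a revocation entry.
    return h(key, value, 1)

def root_from_proof(mtp, nonce):
    """Recompute the root that `mtp` implies for revocation nonce `nonce`."""
    aux = mtp.get("node_aux")
    if mtp["existence"]:
        node = leaf(nonce)
    elif aux is None:
        node = 0  # path ends in an empty subtree
    elif int(aux["key"]) == nonce:
        raise ValueError("node_aux carries the queried nonce itself")
    else:
        node = leaf(int(aux["key"]), int(aux["value"]))  # another leaf on the path
    siblings = [int(s) for s in mtp["siblings"]]
    for lvl in reversed(range(len(siblings))):
        # Bit `lvl` of the nonce (lowest bit first) selects right (1) or left (0).
        pair = (siblings[lvl], node) if (nonce >> lvl) & 1 else (node, siblings[lvl])
        node = h(*pair)
    return node

def revocation_status(response, nonce, trusted_root):
    """Report status only if the proof reproduces a root obtained from a trusted source."""
    if root_from_proof(response["mtp"], nonce) != trusted_root:
        raise ValueError("proof does not reproduce the trusted revocation tree root")
    return "revoked" if response["mtp"]["existence"] else "not revoked"

def constructed_tree():
    # Constructed toy tree with revoked nonces 2 and 5 (not data from the thread).
    root = h(leaf(2), leaf(5))  # bit 0: nonce 2 goes left, nonce 5 goes right
    revoked = {"mtp": {"existence": True, "siblings": [str(leaf(2))]}}
    unrevoked = {"mtp": {"existence": False, "siblings": [str(leaf(2))],
                         "node_aux": {"key": "5", "value": "0"}}}
    return root, revoked, unrevoked

if __name__ == "__main__":
    root, revoked, unrevoked = constructed_tree()
    print(revocation_status(revoked, 5, root), "/", revocation_status(unrevoked, 7, root))
```

With real responses, `h` must be Poseidon and `trusted_root` must come from an issuer state the verifier already trusts, not from the response body being checked.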

Chengxuan commented 1 year ago

Hi @OBrezhniev, do you have the code of MTP generation using RoT from IPFS available? I wonder whether the delay of a permissioned IPFS is low enough for that approach to work; have you given that option a try?

For 2) "and soon onchain, in smart-contract": does that mean the issuer will need to pay a gas fee for publishing the latest revocation records as well? Does it also mean that the smaller the time window a verifier defines as "recent", the more gas fees an issuer needs to pay for publishing the latest revocation records?